(*
  DLL injection in Delphi :)
  Tested on 32-bit and 64-bit applications
  Coded by Behrooz Abbassi (ME !)
*)
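// InjectDLL asks the process identified by dwPID to load the library named by
// DLLPath: it copies the path string into memory allocated in that process and
// starts a remote thread whose entry point is LoadLibraryW / LoadLibraryA.
//
// Parameters:
//   dwPID   - identifier of the process to open.
//   DLLPath - null-terminated path of the library (wide or ANSI, following the
//             UNICODE define).
//
// Returns 1 when the remote thread was created and has finished, 0 when any
// step failed. The remote thread's exit code is not inspected, so 1 does not
// prove that the library was actually loaded.
//
// Review note: this OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
// CreateRemoteThread sequence is the pattern catalogued as MITRE ATT&CK
// T1055.001. Endpoint monitoring typically keys on the cross-process handle
// rights requested below and on the remote thread creation (for example the
// Sysmon ProcessAccess and CreateRemoteThread events).
function InjectDLL(const dwPID: DWORD; {$IFDEF UNICODE} DLLPath: PWideChar
  {$ELSE} DLLPath: PAnsiChar {$ENDIF} ): Integer;
const
  Kernel32 = 'kernel32.dll';
var
  dwThreadID: Cardinal;
  hProc, hThread, hKernel: THandle;
  BytesToWrite, BytesWritten: SIZE_T;
  pRemoteBuffer, pLoadLibrary: Pointer;
begin
  Result := 0;

  // A nil path has no string to copy; report failure instead of dereferencing.
  if DLLPath = nil then
    Exit;

  hProc := OpenProcess(PROCESS_CREATE_THREAD or PROCESS_QUERY_INFORMATION or
    PROCESS_VM_OPERATION or PROCESS_VM_WRITE or PROCESS_VM_READ, False, dwPID);
  if hProc = 0 then
    Exit;
  try
    // Size the copy from the actual character type. The previous fixed
    // SizeOf(WideChar) doubled the length in an ANSI build and made
    // WriteProcessMemory read past the end of the source string.
    BytesToWrite := SizeOf(DLLPath^) * (Length(DLLPath) + 1);
    pRemoteBuffer := VirtualAllocEx(hProc, nil, BytesToWrite, MEM_COMMIT,
      PAGE_READWRITE);
    if pRemoteBuffer = nil then
      Exit;
    try
      // Treat a short write as a failure: a truncated path must not be used.
      BytesWritten := 0;
      if (not WriteProcessMemory(hProc, pRemoteBuffer, DLLPath, BytesToWrite,
        BytesWritten)) or (BytesWritten <> BytesToWrite) then
        Exit;

      // The address is resolved in the calling process.
      // NOTE(review): it is only meaningful in the target if kernel32.dll is
      // mapped at the same address there - confirm caller and target match.
      {$REGION 'Check for UNICODE'}
      {$IFDEF UNICODE}
      hKernel := GetModuleHandleW(Kernel32);
      if hKernel = 0 then
        Exit;
      pLoadLibrary := GetProcAddress(hKernel, 'LoadLibraryW');
      {$ELSE}
      hKernel := GetModuleHandleA(Kernel32);
      if hKernel = 0 then
        Exit;
      pLoadLibrary := GetProcAddress(hKernel, 'LoadLibraryA');
      {$ENDIF}
      {$ENDREGION}
      if pLoadLibrary = nil then
        Exit;

      hThread := CreateRemoteThread(hProc, nil, 0, pLoadLibrary, pRemoteBuffer,
        0, dwThreadID);
      // Previously a failed CreateRemoteThread still fell through to the wait,
      // closed a zero handle and reported success.
      if hThread = 0 then
        Exit;
      try
        // The buffer is released below, so the thread must be finished first.
        WaitForSingleObject(hThread, INFINITE);
      finally
        CloseHandle(hThread);
      end;

      Result := 1;
    finally
      VirtualFreeEx(hProc, pRemoteBuffer, 0, MEM_RELEASE);
    end;
  finally
    CloseHandle(hProc);
  end;
end;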
// Usage example.
// The first argument is the target process PID (4864 in this sample); the
// second is the path and file name of the DLL to load. Both are sample values.
// InjectDLL returns 0 on failure, so the message is shown for any other result.
begin
  if not (InjectDLL(4864, 'C:\SampleDLL') = 0) then
  begin
    ShowMessage('woO!');
  end;
end;
/////////////////// My Dll file \\\\\\\\\\\\\\ | |
library SampleDLL;

uses
  System.SysUtils,
  System.Classes,
  Winapi.Windows;

// Notification handler assigned to DllProc below.
// Only DLL_PROCESS_ATTACH is handled; every other reason is ignored.
procedure mydllproc(Reason: Integer);
begin
  if Reason = DLL_PROCESS_ATTACH then
    MessageBoxW(0, 'I am in your target : Dll file', 'woO!', 0);
end;

// Library initialization: this block runs when the DLL is loaded, inside
// whichever process loaded it. The handler is registered and then called once
// by hand with DLL_PROCESS_ATTACH, so the message box appears on load.
begin
  DllProc := mydllproc;
  mydllproc(DLL_PROCESS_ATTACH);
end.